fix: check prototype property access in strict-mode (#1736) - b6d3de7
fix: escape property names in compat mode (#1736) - f058970
refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
chore: start testing on Node.js 12 and 13 - 3789a30
(POSSIBLY) BREAKING CHANGES:
the changes from version 4.6.0 now also apply
in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods
can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties
from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.
That is why we only bump the patch version despite mentioning breaking changes.
This vulnerability refers to the ability of an attacker to arbitrarily perform a redirection (external) or forward (internal) against the system. It arises due to insufficient validation or sanitisation of inputs used to perform a redirect or forward and may result in privilege escalation (in the case of a forward) or may be used to launch phishing attacks against users (in the case of redirects).
By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf).
Cross-site scripting vulnerabilities occur when unescaped input is rendered into a page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.
OWASP Cross Site Scripting (XSS) Software Attack - OWASP community page with comprehensive information about cross site scripting, and links to various OWASP resources to help detect or prevent it.
To trigger a single review, invoke the @coderabbitai review command.
You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
Share
- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai)
- [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai)
- [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai)
- [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)
Tips
### Chat
There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai):
- Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- `I pushed a fix in commit .`
- `Generate unit testing code for this file.`
- `Open a follow-up GitHub issue for this discussion.`
- Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples:
- `@coderabbitai generate unit testing code for this file.`
- `@coderabbitai modularize this function.`
- PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- `@coderabbitai generate interesting stats about this repository and render them as a table.`
- `@coderabbitai show all the console.log statements in this repository.`
- `@coderabbitai read src/utils.ts and generate unit testing code.`
- `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.`
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.
### CodeRabbit Commands (invoked as PR comments)
- `@coderabbitai pause` to pause the reviews on a PR.
- `@coderabbitai resume` to resume the paused reviews.
- `@coderabbitai review` to trigger a review. This is useful when automatic reviews are disabled for the repository.
- `@coderabbitai resolve` resolve all the CodeRabbit review comments.
- `@coderabbitai help` to get help.
Additionally, you can add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed.
### CodeRabbit Configration File (`.coderabbit.yaml`)
- You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository.
- Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information.
- If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json`
### Documentation and Community
- Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit.
- Join our [Discord Community](https://discord.com/invite/GsXnASn26c) to get help, request features, and share feedback.
- Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.
Bumps the npm_and_yarn group with 18 updates in the / directory:
6.1.7
10.2.5
1.7.1
6.3.16
5.0.0
5.0.1
1.2.0
1.2.8
0.5.1
0.5.6
4.0.12
4.7.8
5.3.2
5.4.4
7.0.0
7.24.1
5.5.2
8.12.0
0.6.8
17.3.5
6.0.8
17.3.5
5.1.0
5.1.5
1.0.1
1.1.4
1.5.7
1.15.6
1.2.4
1.2.13
3.12.0
3.14.1
0.2.3
0.4.0
1.4.1
1.4.2
Updates
@angular/core
from 6.1.7 to 10.2.5Changelog
Sourced from
@angular/core
's changelog.... (truncated)
Commits
ba8da74
fix(core): fix possible XSS attack in development through SSR (#40525)90570c0
fix(core): setngDevMode
tofalse
when callingenableProdMode()
(#40160)0b8e3d5
fix(core): fix possible XSS attack in development through SSR. (#40152)1aee8b3
refactor(compiler): store thefullStart
location onParseSourceSpan
s (#39...812355c
perf(core): do not recurse into modules that have already been registered (#3...8f36c21
refactor(router): Small refactor of createUrlTree and extra tests (#39456)90acb91
docs: tView.preOrderHooks and tView.preOrderCheckHooks docs update (#39497)8c82106
fix(core): markDirty() should only mark flags when really scheduling tick. (#...0b37249
docs(core): update a typo in the comment of ngZoneEventCoalescing (#39423)3b779a1
docs: fix typo in initializeInputAndOutputAliases docstring (#39438)Maintainer changes
This version was pushed to npm by google-wombot, a new releaser for
@angular/core
since your current version.Updates
karma
from 1.7.1 to 6.3.16Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
... (truncated)
Commits
ab4b328
chore(release): 6.3.16 [skip ci]ff7edbb
fix(security): mitigate the "Open Redirect Vulnerability"c1befa0
chore(release): 6.3.15 [skip ci]d9dade2
fix(helper): make mkdirIfNotExists helper resilient to concurrent calls653c762
ci: prevent duplicate CI tasks on creating a PRc97e562
chore(release): 6.3.14 [skip ci]91d5acd
fix: remove string template from client code69cfc76
fix: warn whensingleRun
andautoWatch
arefalse
839578c
fix(security): remove XSS vulnerability inreturnUrl
query paramdb53785
chore(release): 6.3.13 [skip ci]Updates
yargs-parser
from 5.0.0 to 5.0.1Changelog
Sourced from yargs-parser's changelog.
... (truncated)
Commits
eab6c03
chore: release 5.0.1 (#363)1c417bd
fix(security): address GHSA-p9pc-299p-vxgp (#362)e93a345
chore: mark release in commit history (#361)ee15863
chore: push new package version4774207
fix: back-porting prototype fixes for really old version (#271)Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.
Updates
minimist
from 1.2.0 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2
v1.2.8a026794
Merge tag 'v0.2.3'c0b2661
v0.2.363b8fee
[Fix] Fix long option followed by single dash (#17)72239e6
[Tests] Remove duplicate test (#12)34b0f1c
[eslint] fix indentation3226afa
[Dev Deps] add missingnpmignore
dev dep098873c
[Dev Deps] update@ljharb/eslint-config
,aud
9ec4d27
[Fix] Fix long option followed by single dashba92fe6
[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
mkdirp
from 0.5.1 to 0.5.6Commits
92f086d
0.5.62a28125
clean up testsc905d65
update minimist049cf18
0.5.5bea6382
Remove unnecessary umask calls42a012c
0.5.42867920
fix infinite loop on windows machinesd784e70
0.5.3d612c5d
add files list so this package isn't a monsterb2e7ba0
0.5.2Maintainer changes
This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.
Updates
handlebars
from 4.0.12 to 4.7.8Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
... (truncated)
Commits
8dc3d25
v4.7.8668c4fb
Fix browser tests in CI pipelinec65c6cc
Test on Node 183d3796c
Make library compatible with workers075b354
Fix sync issue with npm lock-file30dbf04
Fix compiling of each block params in strict modee3a5448
Fix bundler issue with webpack 58e23642
Fix integration-tests issue with npm >= 788ac068
use https instead of git for mustache submodulec68bc08
Fix typoMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Updates
protractor
from 5.3.2 to 5.4.4Release notes
Sourced from protractor's releases.
Changelog
Sourced from protractor's changelog.
... (truncated)
Commits
a0ffa9b
release: 5.4.48b3ebf8
fix: security prototype pollution162f9e5
ci: Log sauce connect proxy to stdout, remove travis_wait, upgrade proxy to 4...eb1d0fc
docs(release): Update release docs for 5.4 series.6c46098
chore(release): Update changelogfaf0895
fix(ci): Don't update webdriver in pretestd77731c
fix(release): Pin CircleCI to Chrome v74efe7fdd
chore(dependencies): Update natives, so we can continue to run Gulp on0442e51
chore(release): Bugfix release 5.4.37999a08
fix(index.ts): Fix exports to unbreak TypeScript 3.7 buildUpdates
@babel/traverse
from 7.0.0 to 7.24.1Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information
Processing PR updates...
Check out the playback for this Pull Request here.
Micro-Learning Topic: Open redirect (Detected by phrase)
Matched on "Open Redirect"
What is this? (2min video)
This vulnerability refers to the ability of an attacker to arbitrarily perform a redirection (external) or forward (internal) against the system. It arises due to insufficient validation or sanitisation of inputs used to perform a redirect or forward and may result in privilege escalation (in the case of a forward) or may be used to launch phishing attacks against users (in the case of redirects).
Try a challenge in Secure Code Warrior
Helpful references
Micro-Learning Topic: Prototype pollution (Detected by phrase)
Matched on "prototype pollution"
What is this? (2min video)
By adding or modifying attributes of an object prototype, it is possible to create attributes that exist on every object, or replace critical attributes with malicious ones. This can be problematic if the software depends on existence or non-existence of certain attributes, or uses pre-defined attributes of object prototype (such as hasOwnProperty, toString or valueOf).
Try a challenge in Secure Code Warrior
Micro-Learning Topic: Cross-site scripting (Detected by phrase)
Matched on "XSS"
What is this? (2min video)
Cross-site scripting vulnerabilities occur when unescaped input is rendered into a page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.
Try a challenge in Secure Code Warrior
Helpful references
Thanks @dependabot[bot] for opening this PR!
For COLLABORATOR only :
To add labels, comment on the issue
/label add label1,label2,label3
To remove labels, comment on the issue
/label remove label1,label2,label3
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
Share
- [X](https://twitter.com/intent/tweet?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A&url=https%3A//coderabbit.ai) - [Mastodon](https://mastodon.social/share?text=I%20just%20used%20%40coderabbitai%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20the%20proprietary%20code.%20Check%20it%20out%3A%20https%3A%2F%2Fcoderabbit.ai) - [Reddit](https://www.reddit.com/submit?title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&text=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code.%20Check%20it%20out%3A%20https%3A//coderabbit.ai) - [LinkedIn](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fcoderabbit.ai&mini=true&title=Great%20tool%20for%20code%20review%20-%20CodeRabbit&summary=I%20just%20used%20CodeRabbit%20for%20my%20code%20review%2C%20and%20it%27s%20fantastic%21%20It%27s%20free%20for%20OSS%20and%20offers%20a%20free%20trial%20for%20proprietary%20code)Tips
### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commitNew and removed dependencies detected. Learn more about Socket for GitHub ↗︎
0
0
0
0
0
0
0
0
0
+8
0
0
0
0
+4
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
+6
+5
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
🚮 Removed packages: npm/@angular-devkit/architect@0.6.8, npm/@angular-devkit/build-angular@0.6.8, npm/@angular-devkit/build-optimizer@0.6.8, npm/@angular-devkit/core@0.6.8, npm/@angular-devkit/schematics@0.6.8, npm/@angular/cli@6.0.8, npm/@angular/core@6.1.7, npm/@babel/helper-function-name@7.0.0, npm/@babel/helper-get-function-arity@7.0.0, npm/@babel/helper-split-export-declaration@7.0.0, npm/@babel/traverse@7.0.0, npm/@ngtools/webpack@6.0.8, npm/@schematics/angular@0.6.8, npm/@schematics/update@0.6.8, npm/@types/selenium-webdriver@2.53.43, npm/@webassemblyjs/ast@1.4.3, npm/@webassemblyjs/floating-point-hex-parser@1.4.3, npm/@webassemblyjs/helper-buffer@1.4.3, npm/@webassemblyjs/helper-code-frame@1.4.3, npm/@webassemblyjs/helper-fsm@1.4.3, npm/@webassemblyjs/helper-wasm-bytecode@1.4.3, npm/@webassemblyjs/helper-wasm-section@1.4.3, npm/@webassemblyjs/leb128@1.4.3, npm/@webassemblyjs/validation@1.4.3, npm/@webassemblyjs/wasm-edit@1.4.3, npm/@webassemblyjs/wasm-gen@1.4.3, npm/@webassemblyjs/wasm-opt@1.4.3, npm/@webassemblyjs/wasm-parser@1.4.3, npm/@webassemblyjs/wast-parser@1.4.3, npm/@webassemblyjs/wast-printer@1.4.3, npm/abbrev@1.0.9, npm/acorn-dynamic-import@3.0.0, npm/acorn@5.7.2, npm/adm-zip@0.4.4, npm/after@0.8.2, npm/agent-base@4.2.1, npm/ajv-errors@1.0.0, npm/ajv-keywords@3.2.0, npm/ajv@6.4.0, npm/amdefine@1.0.1, npm/ansi-colors@3.0.5, npm/ansi-html@0.0.7, npm/anymatch@2.0.0, npm/aproba@1.2.0, npm/are-we-there-yet@1.1.5, npm/arr-diff@4.0.0, npm/arr-union@3.1.0, npm/array-find-index@1.0.2, npm/array-flatten@2.1.1, npm/array-slice@0.2.3, npm/array-unique@0.3.2, npm/arraybuffer.slice@0.0.6, npm/asap@2.0.6, npm/asn1.js@4.10.1, npm/assert@1.4.1, npm/assign-symbols@1.0.0, npm/async-foreach@0.1.3, npm/async@1.5.2, npm/atob@2.1.2, npm/autoprefixer@8.6.5, npm/babel-generator@6.26.1, npm/babel-messages@6.23.0, npm/babel-runtime@6.26.0, npm/babel-template@6.26.0, npm/babel-traverse@6.26.0, npm/babel-types@6.26.0, npm/babylon@6.18.0, npm/backo2@1.0.2, npm/base64-arraybuffer@0.1.5, npm/base64-js@1.3.0, npm/base64id@1.0.0, npm/base@0.11.2, npm/better-assert@1.0.2, npm/big.js@3.2.0, npm/blob@0.0.4, npm/block-stream@0.0.9, npm/bluebird@3.5.2, npm/bn.js@4.11.8, npm/body-parser@1.18.2, npm/bonjour@3.5.0, npm/braces@2.3.2, npm/brorand@1.1.0, npm/browserify-aes@1.2.0, npm/browserify-cipher@1.0.1, npm/browserify-des@1.0.2, npm/browserify-rsa@4.0.1, npm/browserify-sign@4.0.4, npm/browserify-zlib@0.2.0, npm/browserslist@3.2.8, npm/buffer-alloc-unsafe@1.1.0, npm/buffer-alloc@1.2.0, npm/buffer-fill@1.0.0, npm/buffer-indexof@1.1.1, npm/buffer-xor@1.0.3, npm/buffer@4.9.1, npm/builtin-status-codes@3.0.0, npm/builtins@1.0.3, npm/cacache@10.0.4, npm/cache-base@1.0.1, npm/cache-loader@1.2.2, npm/callsite@1.0.0, npm/camel-case@3.0.0, npm/camelcase-keys@2.1.0, npm/camelcase@2.1.1, npm/caniuse-lite@1.0.30000885, npm/chokidar@2.0.4, npm/chownr@1.0.1, npm/chrome-trace-event@0.1.3, npm/cipher-base@1.0.4, npm/circular-dependency-plugin@5.0.2, npm/class-utils@0.3.6, npm/clean-css@4.2.1, npm/cliui@3.2.0, npm/clone-deep@2.0.2, npm/clone@2.1.2, npm/co@4.6.0, npm/collection-visit@1.0.0, npm/combine-lists@1.0.1, npm/commondir@1.0.1, npm/component-bind@1.0.0, npm/component-emitter@1.2.1, npm/component-inherit@0.0.3, npm/compressible@2.0.14, npm/compression@1.7.3, npm/concat-stream@1.6.2, npm/connect-history-api-fallback@1.5.0, npm/connect@3.6.6, npm/console-browserify@1.1.0, npm/console-control-strings@1.1.0, npm/constants-browserify@1.0.0, npm/content-disposition@0.5.2, npm/content-type@1.0.4, npm/convert-source-map@1.6.0, npm/cookie@0.3.1, npm/copy-concurrently@1.0.5, npm/copy-descriptor@0.1.1, npm/copy-webpack-plugin@4.5.2, npm/cosmiconfig@4.0.0, npm/create-ecdh@4.0.3, npm/create-hash@1.2.0, npm/create-hmac@1.1.7, npm/cross-spawn@3.0.1, npm/crypto-browserify@3.12.0, npm/css-parse@1.7.0, npm/css-select@1.2.0, npm/css-what@2.1.0, npm/cuint@0.2.2, npm/currently-unhandled@0.4.1, npm/cyclist@0.2.2, npm/date-now@0.1.4, npm/decode-uri-component@0.2.0, npm/deep-equal@1.0.1, npm/deep-is@0.1.3, npm/default-gateway@2.7.2, npm/define-properties@1.1.3, npm/define-property@2.0.2, npm/del@3.0.0, npm/delegates@1.0.0, npm/depd@1.1.2, npm/des.js@1.0.0, npm/destroy@1.0.4, npm/detect-indent@4.0.0, npm/detect-node@2.0.4, npm/diffie-hellman@5.0.3, npm/dir-glob@2.0.0, npm/dns-equal@1.0.0, npm/dns-packet@1.3.1, npm/dns-txt@2.0.2, npm/dom-converter@0.1.4, npm/dom-serializer@0.1.0, npm/domain-browser@1.2.0, npm/domelementtype@1.3.0, npm/domhandler@2.1.0, npm/domutils@1.5.1, npm/duplexify@3.6.0, npm/ejs@2.6.1, npm/electron-to-chromium@1.3.63, npm/elliptic@6.4.1, npm/emojis-list@2.1.0, npm/engine.io-client@1.8.3, npm/engine.io-parser@1.3.2, npm/engine.io@1.8.3, npm/enhanced-resolve@4.1.0, npm/entities@1.1.1, npm/errno@0.1.7, npm/es-abstract@1.12.0, npm/es-to-primitive@1.1.1, npm/es6-promise@4.2.4, npm/escodegen@1.8.1, npm/eslint-scope@3.7.3, npm/esprima@2.7.3, npm/esrecurse@4.2.1, npm/estraverse@1.9.3, npm/eventemitter3@3.1.0, npm/events@1.1.1, npm/eventsource@0.1.6, npm/evp_bytestokey@1.0.3, npm/execa@0.10.0, npm/expand-braces@0.1.2, npm/expand-brackets@2.1.4, npm/express@4.16.3, npm/extend-shallow@3.0.2, npm/extglob@2.0.4, npm/fast-deep-equal@1.1.0, npm/fast-levenshtein@2.0.6, npm/faye-websocket@0.10.0, npm/file-loader@1.1.11, npm/fill-range@4.0.0, npm/finalhandler@1.1.1, npm/find-cache-dir@1.0.0, npm/find-up@2.1.0, npm/flush-write-stream@1.0.3, npm/follow-redirects@1.5.7, npm/for-own@1.0.0, npm/forwarded@0.1.2, npm/fragment-cache@0.2.1, npm/from2@2.3.0, npm/fs-write-stream-atomic@1.0.10, npm/fsevents@1.2.4, npm/fstream@1.0.11, npm/function-bind@1.1.1, npm/gauge@2.7.4, npm/gaze@1.1.3, npm/get-stdin@4.0.1, npm/get-stream@3.0.0, npm/get-value@2.0.6, npm/glob-parent@3.1.0, npm/globals@9.18.0, npm/globby@7.1.1, npm/globule@1.2.1, npm/handle-thing@1.2.5, npm/handlebars@4.0.12, npm/har-validator@5.1.0, npm/has-binary@0.1.7, npm/has-cors@1.1.0, npm/has-unicode@2.0.1, npm/has-value@1.0.0, npm/has-values@1.0.0, npm/has@1.0.3, npm/hash-base@3.0.4, npm/hash.js@1.1.5, npm/he@1.1.1, npm/hmac-drbg@1.0.1, npm/hosted-git-info@2.7.1, npm/html-entities@1.2.1, npm/html-minifier@3.5.20, npm/html-webpack-plugin@3.2.0, npm/htmlparser2@3.3.0, npm/http-errors@1.6.3, npm/http-parser-js@0.4.13, npm/http-proxy-middleware@0.18.0, npm/http-proxy@1.17.0, npm/https-browserify@1.0.0, npm/https-proxy-agent@2.2.1, npm/iconv-lite@0.4.19, npm/ieee754@1.1.12, npm/iferr@0.1.5, npm/ignore@3.3.10, npm/import-cwd@2.1.0, npm/import-from@2.1.0, npm/import-local@2.0.0, npm/in-publish@2.0.0, npm/indent-string@2.1.0, npm/indexof@0.0.1, npm/ini@1.3.5, npm/internal-ip@3.0.1, npm/invariant@2.2.4, npm/invert-kv@1.0.0, npm/ip-regex@2.1.0, npm/ip@1.1.5, npm/ipaddr.js@1.8.0, npm/is-accessor-descriptor@0.1.6, npm/is-builtin-module@1.0.0, npm/is-callable@1.1.4, npm/is-data-descriptor@0.1.4, npm/is-date-object@1.0.1, npm/is-descriptor@0.1.6, npm/is-directory@0.3.1, npm/is-finite@1.0.2, npm/is-glob@4.0.0, npm/is-number@3.0.0, npm/is-regex@1.0.4, npm/is-symbol@1.0.1, npm/is-utf8@0.2.1, npm/is-windows@1.0.2, npm/is-wsl@1.1.0, npm/isbinaryfile@3.0.3, npm/istanbul-instrumenter-loader@3.0.1, npm/istanbul-lib-coverage@1.2.1, npm/istanbul-lib-instrument@1.10.2, npm/istanbul@0.4.5, npm/js-base64@2.4.9, npm/js-yaml@3.12.0, npm/jsesc@1.3.0, npm/json-parse-better-errors@1.0.2, npm/json-schema-traverse@0.3.1, npm/json-schema@0.2.3, npm/json3@3.3.2, npm/json5@0.5.1, npm/jsprim@1.4.1, npm/jszip@3.1.5, npm/karma-source-map-support@1.3.0, npm/karma@1.7.1, npm/killable@1.0.1, npm/lcid@1.0.0, npm/leb@0.3.0, npm/less-loader@4.1.0, npm/less@3.8.1, npm/levn@0.3.0, npm/license-webpack-plugin@1.4.0, npm/lie@3.1.1, npm/load-json-file@1.1.0, npm/loader-runner@2.3.0, npm/loader-utils@1.1.0, npm/locate-path@2.0.0, npm/lodash.assign@4.2.0, npm/lodash.clonedeep@4.5.0, npm/lodash.mergewith@4.6.1, npm/lodash.tail@4.1.1, npm/log4js@0.6.38, npm/loglevel@1.6.1, npm/long@3.2.0, npm/loose-envify@1.4.0, npm/loud-rejection@1.6.0, npm/lower-case@1.1.4, npm/lru-cache@4.1.3, npm/map-cache@0.2.2, npm/map-obj@1.0.1, npm/map-visit@1.0.0, npm/md5.js@1.3.4, npm/memory-fs@0.4.1, npm/meow@3.7.0, npm/micromatch@3.1.10, npm/miller-rabin@4.0.1, npm/mini-css-extract-plugin@0.4.2, npm/minimalistic-crypto-utils@1.0.1, npm/minimist@0.0.8, npm/mississippi@2.0.0, npm/mixin-deep@1.3.1, npm/mixin-object@2.0.1, npm/mkdirp@0.5.1, npm/move-concurrently@1.0.1, npm/multicast-dns-service-types@1.1.0, npm/multicast-dns@6.2.3, npm/nan@2.11.0, npm/nanomatch@1.2.13, npm/neo-async@2.5.2, npm/no-case@2.3.2, npm/node-forge@0.7.5, npm/node-gyp@3.8.0, npm/node-libs-browser@2.1.0, npm/node-sass@4.9.3, npm/nopt@3.0.6, npm/normalize-package-data@2.4.0, npm/npm-package-arg@6.1.0, npm/npm-registry-client@8.6.0, npm/npmlog@4.1.2, npm/nth-check@1.0.1, npm/num2fraction@1.2.2, npm/object-component@0.0.3, npm/object-copy@0.1.0, npm/object-keys@1.0.12, npm/object-visit@1.0.1, npm/object.getownpropertydescriptors@2.0.3, npm/object.pick@1.3.0, npm/on-headers@1.0.1, npm/opn@5.3.0, npm/optimist@0.6.1, npm/optionator@0.8.2, npm/options@0.0.6, npm/original@1.0.2, npm/os-browserify@0.3.0, npm/os-homedir@1.0.2, npm/os-locale@1.4.0, npm/osenv@0.1.5, npm/p-limit@1.3.0, npm/p-locate@2.0.0, npm/p-map@1.2.0, npm/p-try@1.0.0, npm/parallel-transform@1.1.0, npm/param-case@2.1.1, npm/parse-asn1@5.1.1, npm/parse-json@2.2.0, npm/parse5@4.0.0, npm/parsejson@0.0.3, npm/parseqs@0.0.5, npm/parseuri@0.0.5, npm/parseurl@1.3.2, npm/pascalcase@0.1.1, npm/path-browserify@0.0.0, npm/path-dirname@1.0.2, npm/path-type@3.0.0, npm/pbkdf2@3.0.16, npm/pkg-dir@2.0.0, npm/portfinder@1.0.17, npm/posix-character-classes@0.1.1, npm/postcss-import@11.1.0, npm/postcss-load-config@2.0.0, npm/postcss-loader@2.1.6, npm/postcss-url@7.3.2, npm/postcss-value-parser@3.3.0, npm/postcss@6.0.23, npm/prelude-ls@1.1.2, npm/pretty-error@2.1.1, npm/process@0.11.10, npm/promise@7.3.1, npm/protractor@5.3.2, npm/proxy-addr@2.0.4, npm/pseudomap@1.0.2, npm/public-encrypt@4.0.2, npm/pump@2.0.1, npm/pumpify@1.5.1, npm/punycode@2.1.1, npm/querystring-es3@0.2.1, npm/querystring@0.2.0, npm/querystringify@2.0.0, npm/randombytes@2.0.6, npm/randomfill@1.0.4, npm/range-parser@1.2.0, npm/raw-body@2.3.2, npm/raw-loader@0.5.1, npm/read-cache@1.0.0, npm/read-pkg-up@1.0.1, npm/read-pkg@1.1.0, npm/redent@1.0.0, npm/regenerator-runtime@0.11.1, npm/regex-not@1.0.2, npm/relateurl@0.2.7, npm/renderkid@2.0.1, npm/repeating@2.0.1, npm/resolve-cwd@2.0.0, npm/resolve-from@3.0.0, npm/resolve-url@0.2.1, npm/ret@0.1.15, npm/retry@0.10.1, npm/ripemd160@2.0.2, npm/run-queue@1.0.3, npm/safe-regex@1.1.0, npm/sass-graph@2.2.4, npm/sass-loader@7.1.0, npm/sax@0.5.8, npm/schema-utils@0.4.7, npm/scss-tokenizer@0.2.3, npm/selfsigned@1.10.3, npm/semver-intersect@1.4.0, npm/send@0.16.2, npm/serialize-javascript@1.5.0, npm/serve-static@1.13.2, npm/set-value@2.0.0, npm/setprototypeof@1.1.0, npm/sha.js@2.4.11, npm/shallow-clone@1.0.0, npm/silent-error@1.1.0, npm/slash@1.0.0, npm/slide@1.1.6, npm/snapdragon-node@2.1.1, npm/snapdragon-util@3.0.1, npm/snapdragon@0.8.2, npm/socket.io-adapter@0.5.0, npm/socket.io-client@1.7.3, npm/socket.io-parser@2.3.1, npm/socket.io@1.7.3, npm/sockjs-client@1.1.5, npm/sockjs@0.3.19, npm/source-list-map@2.0.0, npm/source-map-resolve@0.5.2, npm/source-map-url@0.4.0, npm/spdx-correct@3.0.0, npm/spdx-exceptions@2.1.0, npm/spdx-expression-parse@3.0.0, npm/spdx-license-ids@3.0.1, npm/spdy-transport@2.1.0, npm/spdy@3.4.7, npm/split-string@3.1.0, npm/ssri@5.3.0, npm/static-extend@0.1.2, npm/stats-webpack-plugin@0.6.2, npm/statuses@1.4.0, npm/stdout-stream@1.4.1, npm/stream-browserify@2.0.1, npm/stream-each@1.2.3, npm/stream-http@2.8.3, npm/stream-shift@1.0.0, npm/strip-bom@2.0.0, npm/strip-indent@1.0.1, npm/style-loader@0.21.0, npm/stylus-loader@3.0.2, npm/stylus@0.54.5, npm/symbol-observable@1.2.0, npm/tapable@1.0.0, npm/tar@2.2.1, npm/through2@2.0.3, npm/thunky@1.0.2, npm/timers-browserify@2.0.10, npm/tmp@0.0.31, npm/to-array@0.1.4, npm/to-arraybuffer@1.0.1, npm/to-fast-properties@1.0.3, npm/to-object-path@0.3.0, npm/to-regex-range@2.1.1, npm/to-regex@3.0.2, npm/toposort@1.0.7, npm/tree-kill@1.2.0, npm/trim-newlines@1.0.0, npm/true-case-path@1.0.3, npm/tty-browserify@0.0.0, npm/type-check@0.3.2, npm/type-is@1.6.16, npm/typedarray@0.0.6, npm/uglifyjs-webpack-plugin@1.3.0, npm/ultron@1.0.2, npm/union-value@1.0.0, npm/unique-filename@1.1.0, npm/unique-slug@2.0.0, npm/unset-value@1.0.0, npm/upath@1.1.0, npm/upper-case@1.1.3, npm/uri-js@3.0.2, npm/urix@0.1.0, npm/url-join@4.0.0, npm/url-loader@1.1.1, npm/url-parse@1.4.3, npm/url@0.11.0, npm/use@3.1.1, npm/useragent@2.3.0, npm/util.promisify@1.0.0, npm/util@0.10.4, npm/utila@0.4.0, npm/validate-npm-package-name@3.0.0, npm/vm-browserify@0.0.4, npm/watchpack@1.6.0, npm/webassemblyjs@1.4.3, npm/webdriver-js-extender@1.0.0, npm/webpack-core@0.6.9, npm/webpack-dev-middleware@3.2.0, npm/webpack-dev-server@3.1.8, npm/webpack-log@2.0.0, npm/webpack-merge@4.1.4, npm/webpack-sources@1.2.0, npm/webpack-subresource-integrity@1.1.0-rc.4, npm/webpack@4.8.3, npm/websocket-driver@0.7.0, npm/websocket-extensions@0.1.3, npm/when@3.6.4, npm/which-module@1.0.0, npm/wide-align@1.1.3, npm/worker-farm@1.6.0, npm/ws@1.1.2, npm/wtf-8@1.0.0, npm/xml2js@0.4.19, npm/xmlbuilder@9.0.7, npm/xmlhttprequest-ssl@1.5.3, npm/xregexp@4.0.0, npm/xtend@4.0.1, npm/xxhashjs@0.2.2, npm/yallist@2.1.2, npm/yargs-parser@5.0.0, npm/yargs@7.1.0, npm/yeast@0.1.2
View full report↗︎
Superseded by #12.